With the rapid development of computer technologies, network security is increasing concern to people. Different application program files need to be accessed when a user uses a terminal of the user to perform a network application service such as web browsing, and it is very likely that these files have been attacked by various malicious virus code, causing the terminal of the user to be infected by virus.
In a network such as a wireless local area network (WLAN), a second generation (2G) mobile communications technology network, or a third generation (3G) mobile communications technology network, a user generally accesses the network using a network device such as a gateway device, a gateway general packet radio service (GPRS) support node (GGSN), a base station, or an enhanced base station in order to access a network application. At present, after receiving a request for accessing an application program file from a user, the network device needs to acquire a reputation value of the file, and performs subsequent processing based on the reputation value such as determining whether to allow user access. In an actual application, an enterprise user generally particularly concerns about a reputation value of a file accessed by the user, for example, concerns about whether a reputation value of an e-mail sent by the user or an File Transfer Protocol (FTP) file transmitted by the user satisfies a particular requirement in order to ensure security and reliability of a network system of an enterprise that the user belongs to. At present, a widely used manner for acquiring a file reputation includes that a network device such as a gateway device generates a characteristic value according to all or some content of a file currently accessed by a user, which is subsequently referred to as an “accessed file” for short in this application, and then queries a database, which stores a correspondence between a known characteristic value and a file reputation value, of the gateway device for a reputation value of the accessed file according to the generated characteristic value.
In the foregoing manner, a characteristic value of a file is generated according to content of the file. In a case in which new application services emerge continuously or applications are updated and upgraded frequently, a phenomenon that a file reputation value corresponding to a characteristic value of a queried file does not exist in a file reputation database often occurs, resulting in a query failure.